[vpn-help] Log says phase1 ID's mismatch, but they are the same
Alexis La Goutte
alexis.lagoutte at gmail.com
Mon May 23 02:03:09 CDT 2011
On Sat, May 21, 2011 at 1:00 AM, Mark Larwill <larwill at gmail.com> wrote:
> I am having a problem connecting to a WatchGuard XTM510 using certificates.
> Specifically I get the following confusing message in the log:
>
> 11/05/20 15:31:34 << : identification payload
> 11/05/20 15:31:34 !! : phase1 id mismatch
> 11/05/20 15:31:34 !! : received = fqdn 4.4.4.5
> 11/05/20 15:31:34 !! : expected = fqdn 4.4.4.5
> 11/05/20 15:31:34 DB : phase1 resend event canceled ( ref count = 1 )
>
> I found a similar issue in the past list, but it's not clear to me if that
> was ever resolved.
> http://lists.shrew.net/pipermail/vpn-help/2007-May/000333.html Here is the
> full log, from a fresh boot trying to connect only one time from a Windows
> XP machine using release 2.1.7. I also have the packet
> capture separately and can send it if you wish. I wonder is it possible that
> the format of the certificates is creating a problem, or is that totally
> unrelated to the IDs? The same set of certificates work with a NCP ipsec
> client and the same WatchGuard XTM510.
>
> [...]
>
Hi Mark,
It is possible to attach a sample of packet dump ( crypted and decrypted) ?
Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110523/f434aec5/attachment-0002.html>
More information about the vpn-help
mailing list